Managing the Y2K Computer Challenge In Your Supply Chain
Ulli Arnold, Dr., Dr. Habil.
Ulli Arnold, Dr., Dr. Habil., Professor of Industrial Marketing and Supply Management, University of Stuttgart, D-70174 Stuttgart, 711/121-3161, firstname.lastname@example.org
Eberhard E. Scheuing, Ph.D., C.P.M., A.P.P.
Eberhard E. Scheuing, Ph.D., C.P.M., A.P.P., NAPM Professor, St. John's University, New York, NY 11439, 718/990-6770, Ebscheuing@aol.com
84th Annual International Conference Proceedings - 1999
Abstract. Purchasers need to prevent computer problems in their companies' supply chains as the Year 2000 rapidly approaches. This paper presents findings from a CAPS study in the U.S. and simultaneous research in Germany. It also discusses key challenges and best practices in managing the Y2K challenge in supply chains.
The Challenge. With the turn of the century rapidly approaching, purchasing executives are scrambling to meet the daunting task of ensuring that their organizations' supply chains continue to function smoothly as a series of critical dates approaches and passes. Given the fact that computers and computer programs have in the past recognized years by their last two digits and that millions of lines of computer code and millions of pieces of hardware are based on this approach, ensuring supply chain integrity and preventing disruptions, breakdowns, or shutdowns poses a monumental challenge.
A study was conducted during the summer of 1998 among leading American and German companies to determine how they manage the Year 2000 (Y2K) computer challenge in their supply chains. This study was supported by the Center for Advanced Purchasing Studies (CAPS). A total of 137 American organizations responded to a survey and were represented by 93 participants in six focus group sessions held in key cities across the U.S. during the month of July 1998. In Germany, 27 companies participated in the survey and were represented by 22 participants in two focus group sessions held in Stuttgart during the month of August 1998. The American respondents were evenly split between manufacturing and nonmanufacturing organizations and had, on average, 6,673 domestic and 1,268 foreign suppliers to manage. In contrast, three quarters of their German counterparts represented the manufacturing sector; on average, they source from 1,619 domestic and 450 foreign suppliers.
Defining Key Terms. Year 2000 compliance means that:
- suppliers will be able to meet their commitments on time and that there will not be any supply disruptions due to computer glitches, starting on 1/1/1999 and extending well into the 21st century;
- all products shipped by suppliers will perform as specified, unaffected
by any turn-of-the-century dates; and that
- all services performed by external providers will continue to be delivered as before.
Mission critical suppliers can be defined as suppliers who:
- receive a significant portion of an organization's total spend;
- provide a unique technology; or
- hold the potential of shutting down a substantial part of a firm's operations. They may well be small suppliers who hold the keys to larger processes.
Summary of Study Results. Most organizations have undertaken efforts to prepare their own purchasing systems for smooth transition into the next century. They have updated, upgraded, or even replaced purchasing hardware and/or software.
They have, however, found it much more challenging to do the same for equipment currently used in their operations. They rely variously on user (66% U.S./59% Germany), IT (54%/78%), supplier (68%/48%), and third party (27%/15%) certification of Y2K compliance. Responsibility for equipment certification is often divided among different internal groups (e.g., manufacturing, facilities) and across many locations around the world (one participating organization owns 50 companies in the U.S. and 1,000 companies worldwide). At times, the necessary documentation and/or the equipment manufacturer cannot be located. And a piece of paper with a signature (certificate) is often not enough to put minds at ease. Taking equipment off-line and testing it in a Y2K mode is frequently desirable, if not critical.
With new capital equipment, it is common practice (82%/56%) to require supplier certification of Y2K compliance. Most American and some German firms have added terms to their contracts and purchase orders by which suppliers warrant that their products are Y2K compliant. These clauses seem to be accepted matter-of-factly as conditions of doing business and there appears to be little resistance to their inclusion in purchase agreements. Several firms have even asked their suppliers to amend existing contracts in this manner. Some suppliers post on their web sites which of their products are compliant.
While operational issues (keeping operations running smoothly through a transition period of several years, starting on 1/1/1999) tend to dominate discussion and actions, there is considerable concern among American purchasing executives about their organizations' Y2K liability exposure vis-à-vis the customers who buy their end products. Most have been advised by legal counsel to survey their suppliers concerning Y2K compliance. In one participating organization, the supplier compliance process is even managed by the Office of General Counsel. There is a perceived need to demonstrate due diligence on this issue which also includes follow-up to ensure survey responses from suppliers.
Supplier compliance processes involve a broad range of activities, including surveys, meetings, visits, audits, tests, and possibly assistance. Consequently, a multitude of internal and external players often participate and difficulties may arise in coordinating and managing their activities. A number of organizations have created enterprise-wide teams and/or offices to achieve coordination and focus, and have budgeted separate funds for this effort. Most, however, rely on networks of individuals and teams who assume Y2K responsibility in addition to their regular duties and are thus funded by their respective units.
The approach of choice (63%/44%) within American purchasing organizations is to designate a purchasing manager or executive to become the resident expert on Y2K compliance issues and assume responsibility for driving the process. This is in marked contrast to the German approach (35%/67%) which favors placing responsibility with individual supplier managers. Only in rare cases do purchaser performance evaluations in the U.S. include personal Y2K supplier compliance goals that impact compensation and advancement opportunities. IT personnel participation (75%/63%) and cross-functional teams with purchasing representation (62%/52%) round out the picture.
The status and outlook of supplier compliance, however, are still far short of comforting. On average, respondents have contacted only half of their supplier bases on the Y2K issue. Nonetheless, they project that about three-quarters of their suppliers will be in compliance by 12/31/99. But the remaining quarter or so could cause real problems.
In fact, problems seem to abound. Participants report that some suppliers lack a sense of urgency (66%/69%), are unable to assess their own compliance (59%/39%), do not have enough staff to effect compliance (50%/54%), are not willing to certify compliance (55%/12%), and/or are not responding to inquiries at all (52%/35%). And the situation is even bleaker when it comes to 2nd or 3rd tier suppliers: no participating organization has a credible program in place for ensuring upstream compliance - they are too busy dealing with their tier one suppliers. So supply chain compliance seems to mean tier one supplier compliance.
Managerial Implications. To provide meaningful guidance to purchasing professionals in their ongoing efforts to conquer the 'millennium bug,' key insights are provided below in the form of the top ten concerns that emerged from the study as well as the top ten best practices identified in the process.
The Ten Top Concerns
- Awareness and Urgency. All employees and suppliers must be aware of potential problems and feel a sense of urgency to prevent them.
- Divided Responsibility. Responsibility for Y2K issues is often divided between many people, levels, and functions who may have different objectives, perspectives, requirements, and timeframes.
- Commitment and Resources. It is difficult to obtain commitment to Y2K supply chain compliance throughout an organization, and qualified programmers are hard to find.
- Limited Supplier Cooperation. It is difficult to get suppliers to respond to questionnaires, undertake a thorough compliance effort, and sign compliance statements.
- Installed Equipment. It is difficult to determine whether installed equipment is date sensitive because technical documentation and original manufacturers are often hard to find.
- International Coordination. It is challenging to orchestrate compliance activities across different countries, languages, mindsets, time zones, and economic conditions.
- Comprehensive Risk Assessment. Every organization needs to categorize its suppliers according to risk levels, from mission critical to incidental, to prioritize its actions.
- Upstream Compliance. It is essential to ensure compliance of 2nd and 3rd tier suppliers because their failure to comply with the Y2K computer challenge can have a domino effect on subsequent links in the supply chain.
- Contingency Planning. Companies must prepare for emergency sourcing solutions in the event that unforeseen failures translate into supply disruptions.
- Liability Exposure. American firms anticipate the possibility of lawsuits if they are unable to meet their commitments to customers due to the 'millennium bug.'
The Top Ten Best Practices
- Get A Head Start. Because of the time required to assess and remediate Y2K problems, companies who started years ago are ahead of their competition.
- Obtain Separate/Open-Ended Funding. To conduct supplier audits and effect equipment upgrades as needed, a separate budget for Y2K compliance is most helpful.
- Employ Senior Management Steering Group. A cross-functional senior level steering group can help ensure support, cooperation, and resources both within the firm and its supplier base.
- Conduct Comprehensive Risk Assessment. To effectively control the Y2K supply chain risk, all products/services and their sources must be assessed for their impact on the business.
- Develop Systematic Compliance Approach. A document must present definitions, standards, steps, responsibilities, milestones, and reporting requirements of the compliance process.
- Get Your Own House in Order. To credibly ask suppliers for compliance and assist them in the process, companies must remediate their own processes, systems, and products.
- Achieve Supplier Cooperation. Suppliers cooperate more readily if they are invited to Y2K symposia and are asked to respond to one industry-wide survey instead of many.
- Focus on Mission Critical Suppliers. Since key suppliers can shut down a business, it is critical to ensure their compliance first or identify alternate sources.
- Amend Contracts. Y2K supplier warranties should be included in all purchase orders and agreements to alert suppliers and provide protection.
- Develop Contingency Plans. A process should be in place to effectively deal with unforeseen events related to thousands of products and suppliers.
Finding Help. Purchasers looking for assistance in their Y2K quest can find valuable information and guidance at a number of websites:
www.itaa.org/year2000.html - Information on Year 2000-related publications, a supplier directory, and certification program implementation
- www.year2000.com/archive/compliance.html - Sample compliance agreement
- www.y2k.com - List of frequently asked questions about Y2K compliance, information on liability issues, disclosure statements, and an article database
- www.y2kjournal.com - bimonthly journal covering legal, technical, economic, and management issues related to Y2K